WHITE PAPER. Web Filtering: An Essential Part of a Consolidated Security System

Transcription

1 WHITE PAPER Web Filtering: An Essential Part of a Consolidated Security System

2 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 2 Summary After almost two decades of popular adoption, organizations and users of the world-wide web are still being victimized by web-based threats. In spite of the billions of dollars invested in security, web-borne threats are still on the rise. They are more sophisticated and targeted, and with the rise of mobility in the workplace, even more difficult to control. The web s standards-based interface and incredible number of applications have made it the medium of choice for hackers and thieves looking for new ways to disrupt services, steal information and perform malicious activities for financial gain. Here enterprises face a dilemma; employees need web access in order to do their jobs effectively, while management seeks to minimize risk to the corporation. In order to achieve an acceptable balance, management must decide who needs web access, when, how much, and from where. And most importantly, to stay ahead of new threats, enterprises need a security system that can enforce granular web access policies on all devices used to access the web from inside and outside the network perimeter. Since web-based attacks are frequently launched as a blend of several threat technologies, an effective security solution must provide a layered defense employing multiple security technologies. In-depth monitoring and reporting capabilities must be available to alert administrators and users to dangerous web sites and use patterns, and to allow further analysis for fine tuning. This solution must also be easy to configure, deploy and manage. Introduction... 4 Web-Based Threats Cause Real Damage... 4 Prevalent Web-based Threats... 5 Viruses and worms... 5 Spyware... 5 Phishing... 5 Pharming... 6 Trojans horses and botnets... 7 Methods Used to Spread Web-based Threats Instant messaging... 7 Peer-to-peer networks... 7 Drive-by downloads... 7 Social networking... 7 Methods for Controlling Web Access... 8 Steps for Implementing Web Access Control... 8 Common Web Filtering Technologies... 8 Banned word lists... 8 URL blocking lists... 9 Category blocking lists... 9 Fortinet s Web Filtering Solution... 9 Web Content Filtering... 9 URL Filtering Block Allow... 10

4 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 4 Introduction Surfing the web is undoubtedly the most common use of the Internet. Consumers can access nearly any type of information and purchase goods and services from the comfort of their own homes. For workers and the businesses that employ them, the web has boosted productivity and efficiency by enabling instant communication and information sharing in multiple rich formats. However, when workers access the web from devices that are connected (or will soon be connected) to their employer s internal network, they can expose the network to malicious activity including viruses, malware, phishing attacks and criminals seeking information to sell on the black market. In addition to web-based threats, non-business related web activity can reduce worker productivity and further expose businesses to liability through accidental sharing of information and access of inappropriate content. These conflicting needs present enterprises with a dilemma. Employees need web access in order to do their jobs effectively, while management must minimize risk to the corporation. In order to achieve an acceptable balance, management must decide who needs web access, when, how much, and from where. Crafting a web access policy can be a contentious process requiring input from multiple conflicting interests, with resulting web access permissions granted to employees on a departmental or even an individual basis. When a comprehensive web access policy has finally been approved and presented to employees and the IT department, many companies consider the task accomplished. In reality, a security policy is only as effective as the security system and personnel used to implement and enforce it. Companies need a security system that has the flexibility to deploy and enforce granular web access policies on all devices used to access the web from inside and outside of the network perimeter, while remaining easy to configure, deploy and manage. Web-Based Threats Cause Real Damage The Internet has become a new breeding ground for malicious activity targeting both consumers and businesses. Its standards-based web interface and incredible number of applications have made it the medium of choice for hackers and thieves looking for new ways to disrupt services, steal information and perform malicious activities for financial gain. Corrupting computers and networks, and stealing personal data through web-borne viruses, worms and Trojan applications is now commonplace. In fact, web-based attacks were the root cause of 31 percent of data breaches last year 1. Ever more sophisticated attacks use technology and social engineering to trick users into executing malicious payloads that harvest confidential information. The most prevalent threat types include spyware, phishing, instant messaging, peer-to-peer file sharing, streaming media, social media and blended network attacks. The resulting number of data breaches, including identity theft, credit card information theft, fraud, etc. increase every year and cause real damage. In 2010, the average cost of a data breach reached $214 per compromised record and averaged $7.2 million per data breach event 1. In addition to financial loss and legal liability, uncontrolled web access can result in: Lost productivity when workers access the web for non-business reasons Network congestion and business slowdown when valuable bandwidth is diverted from critical applications Increasing costs when additional Internet bandwidth must be purchased Lost business due to negative publicity following data breaches Annual Study: Global Cost of a Data Breach, Ponemon Institute, LLC

5 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 5 Figure 1: Per capita cost of a data breach for five industries in five countries (coverted to US dollars) 1 Prevalent Web-based Threats Viruses and worms Viruses and worms usually leverage known system vulnerabilities and spread quickly through , web sites and Trojan applications. They can carry out many malicious activities that range from disrupting network services to installing a stealthy backdoor application to provide unauthorized access to servers. Recent examples of sophisticated viruses and worms include SpyEye, ZeuS and Stuxnet. Some of these virus variants are now being used to attack mobile devices. Spyware Spyware encompasses a wide range of applications that are installed on a user's computer to track and/or report certain information back to some external source. Unsuspecting users usually install these applications as shareware, freeware, or file sharing services, by opening infected s, clicking on pop-up advertisements, or visiting frivolous or fraudulent web sites. Some of the most common types of spyware include; adware, keystroke loggers, toolbar editors, browser plug-ins, remote administration tools and games. Phishing and Spear Phishing Phishing attacks are usually launched using s, instant messages or social network postings that appear to be from legitimate friends, auction sites, online payment processors or IT administrators. The messages usually redirect unsuspecting users to a fake website with a look and feel that is almost identical to the legitimate one. Users are then instructed to disclose personal information (social security numbers, account ID, passwords, credit card information, etc.) in order to resolve a problem or prevent disruption of critical services. Spear phishing takes the next logical step, using stolen information to identify and launch direct attacks on high-value targets, such as senior executives and other high profile professionals with access to sensitive business information. Webbased social networking applications such as Facebook and Twitter are often used to launch spear phishing attacks, with attackers using stolen information to masquerade as a trusted associate or friend of the victim.

6 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 6 From: Subject: Account Status Dear Chase Online SM Customer, Due to recent activity on your account, we have issued the following security requirements. For your security, we have temporarily prevented access to your account. Chase safeguards your account when there is a possibility that someone other than you tried to sign on. You may be getting this message because you signed in from a different location or device. If this is the case, your access may be restored when you return to your normal sign on method. For immediate access, you are required to follow the intruction below to confirm your account in order to secure your personal account informations. Click To Confirm Your Account Regards,Carter Franke Chief Marketing Officer CardMember Services Figure 2: Phishing and related fraudulent banking site Uptimes of the phishing sites used to launch and control phishing attacks are a vital measure of how damaging phishing attacks can be, and can also be used to measure the success of mitigation efforts. Recently, phishing site uptimes are on the rise. This is a dangerous trend, as the first two days of a phishing attack are believed to be the most lucrative for the phisher 2, and further demonstrates that efforts to shut down phishing sites are related zero day attacks are failing. The longer a phishing site remains active, the more money and personal information the victims and target institutions will potentially lose. Proxy avoidance or anonymity networks such as Tor can help phishing sites hide communications and evade detection. Figure 3: Recent trends in phishing site uptimes (HH:MM:SS) 2 Pharming Identified as a next generation threat, pharming is even more dangerous than phishing because it requires no action from the end user. Unlike phishing attacks that require the user to click on a fraudulent URL, pharming victims may go about their normal web surfing activities, unaware that they are being attacked. Users are silently redirected from legitimate web sites to similar fraudulent web sites that have been designed to detect and extract personal and financial information. 2 Global Phishing Survey: Trends and Domain Name Use in 2H2010, APWG, April 2011

7 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 7 Trojans horses Trojan horses are destructive programs that masquerade as useful applications. One of the most insidious types of Trojan horse is a program that claims to rid a computer of malware, but instead installs spyware or other malware onto an unsuspecting user s computer. Bots and botnets Originally developed to act as virtual individuals that could perform tasks in the background or while a computer user was busy, bots are now widely used for malicious purposes such as stealing passwords and silently gathering information. Bot herders control and gather information from globally distributed bots to form a larger botnet, which can be used to initiate denial-of-service attacks against remote targets or to distribute spam . Bot herders managing large botnets often rent out their services to questionable third parties. The bigger the botnet, the more a bot herder can charge for services and botnet time. Methods Used to Spread Web-based Threats Web-based can be used to spread viruses, malware and phishing scams. viruses can access a user s entire contact database in order to send copies of itself, phishing s and spam to additional victims. This mode of operation significantly extends the reach and life of the threat. URLs or images embedded in s can be used to direct victims to dangerous web sites or install malware. Instant messaging Instant messaging can affect a company s ability to control sensitive information. It can be used to infect computers with spyware and viruses, conduct phishing attacks, and can also be used by Trojans to phone home to a remote computer. Sensitive information may be transmitted in the clear over the Internet and stored on servers that are not controlled and secured in accordance with the company's computer security policies. In addition, instant messaging can reduce productivity when employees spend time "chatting" with friends and family members during work hours. Peer-to-peer networks Peer-to-peer networks are typically used for file sharing. They can expose endpoints to viruses, take up valuable network resources, lower employee productivity, and invite lawsuits should employees download copyrighted or sensitive material. Streaming media is a method of delivering multimedia, usually in the form of audio or video to Internet users. Viewing streaming media impacts legitimate business by using valuable bandwidth. Drive-by downloads Drive-by downloads can occur when a user visits a legitimate web site that has been infected with malware or scripts which redirect the user to actual malware sites. These malware sites may install viruses or information gathering software on the computer. Social networking Social networking web sites and applications, first popular with consumers but increasingly used from internal networks for business purposes, are becoming a real headache for enterprise security managers. Koobface is a computer worm that targets users of social networking applications including Facebook, Twitter and Friendster. When an unsuspecting user clicks on a link to download a video or other media, they are in fact installing the Koobface bot or botnet client. The Koobface bot uploads personal information and passwords to Koobface command and control servers 3, and also directs 3 Koobface Worm Doubles C&C Servers in 48 Hours

8 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 8 users to other malicious sites where additional malware can be downloaded. Experiments show a success rate of over 70% for phishing attacks on social networks. Mobile devices With all of the attention focused on security for networks and endpoint computers, mobile devices such as smart phones and touch pads which can access the Internet represent a green field opportunity for web criminals. Since most corporate IT departments have no control over the mobile devices used by their workers, they have no way to install protection such as antivirus, and no way to enforce security policies. Needless to say, as new smart phones incorporate more business-friendly features and applications, they are being used increasingly by mobile workers to store and communicate sensitive information, and to access the web. Successful computer viruses are now being repurposed to attack mobile devices and their more vulnerable operating systems. Methods for Controlling Web Access Businesses are realizing that traditional security solutions such as firewalls, intrusion detection systems and host-based antivirus are no longer adequate to protect against external web-based attacks. The potential for data loss and damage to corporate networks increases every year as criminals find new ways to penetrate defenses. In addition, as government regulations and legal requirements such as PCI DSS, HIPAA and the HITECH Act begin to hold company executives accountable for their employee's actions, corporate executives and IT professionals alike are becoming more concerned about what their employees are viewing and downloading from the Internet. Steps for Implementing Web Access Control Methods for monitoring and controlling web access range from manual and educational methods to fully automated systems designed to scan, inspect, rate and control each user s web activity. Clearly, web access is a worker efficiency issue as well as a security issue, and each company will need to decide which employees require web access and to what degree. Then they will need to choose and deploy the web access control mechanisms necessary to enforce their new web access policies. Some steps that companies should consider when implementing web access control include: 1. Establish a well written web usage policy for all departments and individuals as necessary, considering business needs as well as security concerns 2. Communicate the usage policy to every person in the organization 3. Educate all users on proper Internet, , and computer conduct 4. Deploy monitoring tools that record and report on Internet usage 5. Install policy-based tools to capture, rate, and block undesirable and known-bad Internet URLs and web sites 6. Implement remediation steps to take appropriate action when users violate policies, register complaints, etc. Common Web Filtering Technologies Several different technologies are commonly used to monitor, log and filter access to web sites and related applications. Many solutions are software-based and run on servers attached to the network through a "mirrored" network port. Other solutions include dedicated appliances that are installed in-line with network traffic flows, enabling visibility of all Internet traffic and fast responsive action against policy violations and malicious content. Some common web content filtering technologies are described below. Banned word lists This web filtering method uses a "black List" dictionary containing banned or undesirable words or phrases. URLs and web content are compared against the black list to block unauthorized web sites. This technology was originally a manual process which used vendor-provided black lists as a starting point. This method has improved over the years and vendorprovided black lists have grown to include millions of keywords and phrases. Updates are usually performed manually and

9 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 9 filtering accuracy may be impacted for specific categories. For example, medical research sites may be blocked if they are mistaken for offensive material. URL blocking lists URL blocking is also typically performed using a black list, however this black list contains known-bad or unauthorized website URLs. Entire URLs can be blocked and exemptions can usually be made to allow access to useful portions of a website. Many vendors provide URL black lists with their products in order to simplify the technology, giving the user the ability to add new sites and perform URL pattern matching. Depending on the frequency of the updates, both banned word lists and URL black lists may fall out of compliance with corporate policies between updates. Category blocking lists Category blocking lists are used to control access to web content. They greatly simplify management by leveraging an external service that maintains and distributes the latest web URL ratings. There are no manual lists to install or maintain. Web traffic is compared to rating databases installed on category servers and the results can be cached locally to increase web filtering performance. This up-to-date web URL and category information eliminates manual management of local black lists, and can be used to ensure accuracy and real-time compliance with corporate Internet usage policies. Fortinet s Web Filtering Solution Many threats leverage a combination of web-based attack technologies and methods to penetrate or circumvent perimeter security defenses. Examples of these so-called blended threats include spyware and phishing attacks which combine spam with posts to social networking sites such as Facebook and Twitter. Users are tricked into visiting dangerous web sites which install malware on the host computer. The malware is used to collect account passwords, eavesdrop on conversations, or copy personal address books. Now the attacker can masquerade as a friend of the victim in order to abuse the trust of additional victims. In this way an attack can snowball indefinitely. With this in mind, it should come as no surprise that multiple protections are frequently required to stop web-based threats at the network perimeter. This philosophy forms the basis of Fortinet s approach to designing threat protection solutions. By integrating multiple threat detection technologies and methods into a single platform, FortiGate consolidated security appliances significantly increase detection and blocking rates of both blended and non-blended web-based threats. Web Content Filtering The Fortinet web filtering solution begins with traditional blocking lists, but goes further by expanding these methods and allowing their use in combination with other Fortinet security functions resident on all FortiGate consolidated security appliances. Fortinet's web content filtering technology enables a wide variety of actions to inspect, rate, and control perimeter web traffic at a granular level. Using Fortinet web content filtering technology, FortiGate appliances can filter web traffic based on: Application use (full or partial blocking) Content as defined in data loss prevention (DLP) policies Wildcard pattern matching Multi-language pattern matching Web pattern lists

10 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 10 Figure 4: Fortinet web content filtering FortiGate web filtering services can also be combined with FortiGate Antivirus, Intrusion Prevention, Anti-Spam and Flowbased Inspection functions to further improve threat detection and mitigation. FortiGate also supports HTTPS web filtering to prevent hackers from hiding their attacks with encryption. URL Filtering URL filtering is typically deployed to prevent users form visiting dangerous or inappropriate web sites. Fortinet URL filtering also gives administrators the option to explicitly allow web sites, or to pass web traffic uninspected both to and from knowngood web sites in order to accelerate traffic flows. URL filtering relies on FortiGuard Web Filtering Services to determine the category and rating of a specific URL. FortiGuard Web Filtering Services will be covered in more detail later on in this whitepaper. Web sites or URLs can be easily added to the local URL filtering list using both text and regular expressions. One of the four following actions can then be assigned as needed to each URL pattern in the URL filtering list. Block Prevents users from accessing potentially dangerous or inappropriate web sites and delivers a warning message to the user when access is denied. Allow Specifically allows users to access a certain web site. Web site traffic is passed on to additional Fortinet security functions for inspection as needed. Pass Specifically allows users to access a certain web site. Web site traffic is allowed to bypass additional Fortinet security functions. This option should be used only for web sites that are fully trusted. Exempt Specifically allows users to access a certain web site. Web site traffic is allowed to bypass additional Fortinet security functions. However, the connection inherits the exemption, meaning that all subsequent reuse of the existing connection will also bypass additional Fortinet security functions. The exemption is cancelled when the connection times out.

11 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 11 Figure 5: Fortinet URL filtering Web Caching To accelerate web traffic and content inspection, all FortiGate devices support Web Cache Communication Protocol (WCCP) which allows the FortiGate to operate as a router or cache engine. Acting as a router, the FortiGate intercepts web browsing requests from client web browsers and forwards them to the cache engine. The cache engine then returns web content to the client as required. When operating as a WCCP cache server, the FortiGate can communicate with other WCCP routers to cache web content, returning requested content to client web browsers as needed. FortiGuard Services In addition to web filtering, FortiGuard Services also provide comprehensive updates for antivirus, antispyware, intrusion prevention, antispam, application control, database loss prevention and vulnerability management functions on FortiGate consolidated security appliances. FortiGuard Services were designed from the ground up to optimize performance and maximize protection afforded by Fortinet security platforms. For the purposes of this document, we will limit the discussion to the web filtering capabilities and updates provided by FortiGuard Services. Unparalleled protection against zero-day web threats FortiGuard Services are continuously updated by FortiGuard Labs. More than 125 security threat researchers, engineers, and forensic specialists comprise the FortiGuard Labs team. Operating in Canada, China, France, Japan, Malaysia and the United States, this team provides around the clock and around the globe coverage to assure some of the fastest response times in the industry to new viruses, vulnerabilities, attacks and malicious threats. The FortiGuard team collaborates with the world s leading threat monitoring organizations to advise and learn of new and emerging threats. Additionally, the team contributes to the overall security industry by identifying and responsibly reporting vulnerabilities directly to vendors of hardware, operating systems and applications. FortiGuard Web Filtering Service The FortiGuard Web Filtering Service enables FortiGate appliances and FortiClient endpoint security agents to block access to dangerous or inappropriate websites which may contain malware or objectionable content. Based on intensive global research and analysis, web filtering updates enable the application of granular and accurate web filtering policies that protect enterprise networks and computers against web-based threats and data loss. Real-time updates are delivered continuously via the FortiGuard global distribution network. The FortiGuard Web Filtering Service provides information on 77 web content categories, more than 30 million rated websites, and more than 2 billion individual web pages making it a leader in ratings accuracy and the breadth of content

13 FORTINET - Web Filtering: An Essential Part of a Consolidated Security System PAGE 13 Figure 6: FortiGuard Web Filtering Service The FortiGuard Web Filtering Service filters web content requests in real-time using the following sequence of events: 1. Customer or end user requests a web site URL (a). 2. If the rating for the URL is already cached in the FortiGate unit, it is immediately compared with the policy for the user (b). If the site is allowed, the page is requested from the web server (c) and the response is retrieved (d). 3. If the URL rating is not in the FortiGate cache, the page is requested (c) and a rating request is made simultaneously to the FortiGuard Rating Server (e). 4. The response from the Web site (d) is stored by the FortiGate unit until the rating is received. The rating response is returned to the FortiGate unit (f) and is compared with the requestor's policy (b). 5. If the policy allows the user to view the page, the web site response (d) is passed on to the requestor (g). Otherwise, a user-definable "blocked" message is sent to the requestor and the event is logged in the content filtering log. FortiGuard feedback channel The FortiGuard Web Filtering Service also provides a feedback channel for web site categorization. Administrators can submit an unrated web site or look up an existing web site using the FortiGuard Web Filtering web site: Administrators can also override FortiGuard service ratings by using a local rating on their FortiGate device, providing full control of web access. Multi-layered Protection against Web-Based Threats Owing to Fortinet s philosophy of combining multiple threat detection technologies and methods on a single platform, web filtering can also be combined with other Fortinet security functions to provide superior threat detection and protection against the latest known and unknown web-based attacks. For example, web content filtering technologies can be combined with antivirus, antispyware, intrusion prevention, antispam, application control, database loss prevention and vulnerability management functions into a single protection policy. By

Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

How Web Security Improves Productivity and Compliance Why business managers, HR, legal, compliance and IT all like content filtering and web policy controls Contents Introduction: Web Security Is Not Just

How Fail Today s Networks And Why Will Prevail Why your current firewall may be jeopardizing your security, and how you can counter today s threats, manage web 2.0 apps and enforce acceptable-use policies.

WEB PROTECTION Features SECURITY OF INFORMATION TECHNOLOGIES The web today has become an indispensable tool for running a business, and is as such a favorite attack vector for hackers. Injecting malicious

Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual

THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

White Paper How to Effectively Provide Safe and Productive Web Environment for Today's Businesses Table of Content The Importance of Safe and Productive Web Environment... 1 The dangers of unrestricted

White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as

V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable

The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic

SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria

ENABLING FAST RESPONSES TO Security INCIDENTS WITH THREAT MONITORING Executive Summary As threats evolve and the effectiveness of signaturebased web security declines, IT departments need to play a bigger,

Commissioned Study SURVEY: Web Threats Expose Businesses to Data Loss Introduction Web-borne attacks are on the rise as cybercriminals and others who do harm to computer systems for profit or malice prey

Proactive security IT body armor against business attacks WHITE PAPER Why you should read this white paper Defending against today s diverse array of security risks can be an enormous drain on corporate

Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

AVG AntiVirus Award-winning antivirus protection detects, blocks, and removes viruses and malware from your company s PCs and servers. And like all of our cloud services, there are no license numbers to

Securing Wireless Networks for PCI Compliance Using Fortinet s Secure WLAN Solution to Meet Regulatory Requirements Introduction In the wake of many well-documented data breaches, standards such as the

Top five strategies for combating modern threats Is anti-virus dead? Today s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce.

- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.

January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document

How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction

Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.

White Paper Secure Web Gateways Buyer s Guide > (Abbreviated Version) The web is the number one source for malware distribution. With more than 2 million 1 new pages added every day and 10,000 new malicious

White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web

WHITE PAPER FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems Abstract: Denial of Service (DoS) attacks have been a part of the internet landscape for

with Cloud-Based Security Services > White Paper It s a phenomenon and a fact: employees are always on today. They connect to the network whenever they want, from wherever they happen to be, with laptops,

DATASHEET Protect Your Business and Customers from Online Fraud What s Inside 2 WebSafe 5 F5 Global Services 5 More Information Online services allow your company to have a global presence and to conveniently

SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION

How to stay safe online Everyone knows about computer viruses...or at least they think they do. Nearly 30 years ago, the first computer virus was written and since then, millions of viruses and other malware

Corporate Account Takeover & Information Security Awareness Customer Training No computer system can provide absolute security under all conditions. NO SECURITY MEASURE OR LIST OF SECURITY MEASURES CAN

Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

McAfee Total Protection Reduce the Complexity of Managing Security Computer security has changed dramatically since the first computer virus emerged 25 years ago. It s now far more complex and time-consuming.

10 easy steps to secure your retail network Simple step-by-step IT solutions for small business in retail to leverage advanced protection technology in ways that are affordable, fast and easy October 2015

Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part

Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from